IPTABLES - block IPs that do not complete handshake/visit webpage

iptables block syn

Solution 1:

since i write the entries to iptables myself and execute with iptables-restore < /etc/iptables/rules, and failt2ban uses iptables too, i dont know how would both work together.

You can:

  1. either use --noflush option with iptables-restore to avoid removal of fail2ban (and other rules), and filter f2b-* chains by iptables-save.
  2. or switch to nftables (since fail2ban support this action) and it can target the tables by dump and restore separately, so they would not remove or overwrite fail2ban chains.

Related

Cannot stop screen started with systemctl start [closed]
DNS: primary zone file on one server only; if so, how do things work? [closed]
Is it possible to have one ip on main domain and a different ip on a trailing slash domain
How to bundle intermediate certs into one file
oVirt or Proxmox with Cloudstack
GlusterFS or Ceph RBD for storing Virtual Machine image
Why does Apache send HTTP/1.1 when client requests HTTP/1.0? And many other very similar problems [closed]
Should I use a crossover cable to connect a cable modem to a router?
Rewrite cond for domain and www.domain letsencrypt
Different response when hitting curl command with & without single quotes
Exchange 2010 junk filter not working
My Site is not working